SecZetta NEProfile 3.3.11 Host Header Injection

2020.08.25
Credit: Josh Sheppard
Risk: Low
Local: No
Remote: Yes
CWE: CWE-74


Ogólna skala CVSS: 6.5/10
Znaczenie: 6.4/10
Łatwość wykorzystania: 8/10
Wymagany dostęp: Zdalny
Złożoność ataku: Niska
Autoryzacja: Jednorazowa
Wpływ na poufność: Częściowy
Wpływ na integralność: Częściowy
Wpływ na dostępność: Częściowy

Exploit Title: NEProfile - Host Header Injection Date: 5/13/2020 Vendor Homepage: https://seczetta.com Software Link: https://seczetta.com/product/ne-profile Version: 3.3.11 Tested on: 3.3.11 Exploit Author: Josh Sheppard & Bryan Clements Exploit Contact: ghost () a t undervurse dot_com & mavr1ck2020 a t protonmail dot_com Exploit Technique: Remote CVE ID: CVE-2020-12855 1. Description A host header injection vulnerability has been discovered in SecZetta's NEProfile product. Authenticated remote adversaries can poison the host header resulting in the attacker controlling response 302 execution flow. The issue affects version 3.3.11 and has not been tested on other versions of the product. 2. Disclosure Timeline 5/4/20 - Discovery and Exploitation 5/12/20 - Vendor Notified 7/18/20 - Patch / Hotfix Created 3. Mitigation Apply hotfix provided by vendor


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top